Mozilla Firefox < 44.0 Multiple Vulnerabilities

critical Nessus Network Monitor Plugin ID 9075
New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Synopsis

The remote host has a web browser installed that is vulnerable to multiple attack vectors.

Description

The version of Firefox is prior to 44.0 and is affected by multiple vulnerabilities :

- Multiple unspecified memory corruption issues exist that allow a remote attacker to execute arbitrary code. (CVE-2016-1930, CVE-2016-1931)
- An integer overflow condition exists due to improper parsing of GIF images during deinterlacing. A remote attacker can exploit this, via a specially crafted GIF image, to cause a denial of service condition or the execution of arbitrary code. (CVE-2016-1933)
- A buffer overflow condition exists in WebGL that is triggered when handling cache out-of-memory error conditions. A remote attacker can exploit this to execute arbitrary code. (CVE-2016-1935)
- A content spoofing vulnerability exists due to the protocol handler dialog treating double click events as two single click events. A remote attacker can exploit this to spoof content, allowing the attacker to trick a user into performing malicious actions. (CVE-2016-1937)
- A cryptographic weakness exists in Network Security Services (NSS) due to incorrect calculations with 'mp_div' and 'mp_exptmod'. (CVE-2016-1938)
- A cookie injection vulnerability exists due to illegal control characters being permitted in cookie names. A remote attacker can exploit this to inject cookies. (CVE-2016-1939)
- A flaw exists that is triggered as the delay between the download dialog getting focus and the button getting enabled is too short. If a context-dependent attacker can trick a user into double clicking in a specific location, they can pass the second click through to a dialog below that location. This will allow the attacker to cause the user to perform unintentional actions. (CVE-2016-1941)
- An URL spoofing vulnerability exists due to a flaw that is triggered during the handling of a URL that invalid for the internal protocol, causing the URL to be pasted into the address bar. A remote attacker can exploit this spoof URLs, allowing the attacker to trick a user into visiting a malicious website. (CVE-2016-1942)
- An unspecified memory corruption issue exists in the ANGLE graphics library implementation. A remote attacker can exploit this to corrupt memory, resulting in the execution of arbitrary code. (CVE-2016-1944)
- A wild pointer flaw exists due to improper handling of ZIP files. A remote attacker can exploit this, via a crafted ZIP file, to have an unspecified impact. (CVE-2016-1945)
- An integer overflow condition exists in the bundled version of libstagefright due to improper handling of MP4 file metadata. A remote attacker can exploit this to execute arbitrary code. (CVE-2016-1946)
- A flaw exists in the safe browsing feature due to the Application Reputation service being unreachable. A remote attacker can exploit this to convince a user into downloading a malicious executable without being warned. (CVE-2016-1947)

Solution

Upgrade to Firefox 44 or later.

See Also

https://www.mozilla.org/en-US/security/advisories

https://www.mozilla.org/en-US/security/advisories/mfsa2016-01

https://www.mozilla.org/en-US/security/advisories/mfsa2016-02

https://www.mozilla.org/en-US/security/advisories/mfsa2016-03

https://www.mozilla.org/en-US/security/advisories/mfsa2016-04

https://www.mozilla.org/en-US/security/advisories/mfsa2016-05

https://www.mozilla.org/en-US/security/advisories/mfsa2016-06

https://www.mozilla.org/en-US/security/advisories/mfsa2016-07

https://www.mozilla.org/en-US/security/advisories/mfsa2016-08

https://www.mozilla.org/en-US/security/advisories/mfsa2016-09

https://www.mozilla.org/en-US/security/advisories/mfsa2016-10

https://www.mozilla.org/en-US/security/advisories/mfsa2016-11

https://www.mozilla.org/en-US/security/advisories/mfsa2016-12

Plugin Details

Severity: Critical

ID: 9075

Family: Web Clients

Published: 2/19/2016

Updated: 3/6/2019

Dependencies: 9131

Nessus ID: 88459, 88461

Risk Information

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*

Patch Publication Date: 2/12/2016

Vulnerability Publication Date: 1/27/2016

Reference Information

CVE: CVE-2016-1930, CVE-2016-1935, CVE-2016-1938, CVE-2016-1931, CVE-2016-1933, CVE-2016-1937, CVE-2016-1939, CVE-2016-1942, CVE-2016-1944, CVE-2016-1945, CVE-2016-1946, CVE-2016-1947, CVE-2016-1941

BID: 79280